CVE-2021-37216

QSAN Storage Manager header page parameters does not filter special characters. Remote attackers can inject JavaScript without logging in and launch reflected XSS attacks to access and modify specific data.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:qsan:xn8024r_firmware:3.1.5:*:*:*:*:*:*:*

cpe:2.3:h:qsan:xn8024r:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:qsan:xn8008t_firmware:3.3.2:*:*:*:*:*:*:*

cpe:2.3:h:qsan:xn8008t:-:*:*:*:*:*:*:*

History

10 Aug 2021, 16:08

Type	Values Removed	Values Added
References	~~(MISC) https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html -~~	(MISC) https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html - Third Party Advisory
CWE		CWE-79
CPE		cpe:2.3:o:qsan:xn8008t_firmware:3.3.2:::::::* cpe:2.3:h:qsan:xn8024r:-:::::::* cpe:2.3:o:qsan:xn8024r_firmware:3.1.5:::::::* cpe:2.3:h:qsan:xn8008t:-:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 6.1

02 Aug 2021, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-08-02 12:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-37216

Mitre link : CVE-2021-37216

CVE.ORG link : CVE-2021-37216

JSON object : View

Products Affected

qsan

xn8008t
xn8008t_firmware
xn8024r_firmware
xn8024r

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2021-37216", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "twcert@cert.org.tw", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2021-08-02T12:15:08.183", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html", "tags": ["Third Party Advisory"], "source": "twcert@cert.org.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "twcert@cert.org.tw", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "QSAN Storage Manager header page parameters does not filter special characters. Remote attackers can inject JavaScript without logging in and launch reflected XSS attacks to access and modify specific data."}, {"lang": "es", "value": "Unos par\u00e1metros de la p\u00e1gina de encabezado de QSAN Storage Manager no filtran los caracteres especiales. Unos atacantes remotos pueden inyectar JavaScript sin iniciar sesi\u00f3n y lanzar ataques de tipo XSS reflejado para acceder y modificar datos espec\u00edficos"}], "lastModified": "2021-08-10T16:08:24.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qsan:xn8024r_firmware:3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25BB24C7-C648-4161-B7C1-21F66681D190"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qsan:xn8024r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7ECDAB6A-1331-48B3-A9CF-C55B9027064D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:qsan:xn8008t_firmware:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3467805-19F6-47DD-B997-52A7CE414680"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qsan:xn8008t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "764DCFC5-2A45-4B30-86E1-4D2C02F634CC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "twcert@cert.org.tw"}